Case Study

Technology Company Reduces Cybersecurity Risks With Global Active Directory Assessment

Assessment uncovers thousands of vulnerabilities and risks and creates short- and long-term roadmap for success

Challenge

A large technology company, which had fragmented IT practices, desperately needed a new Active Directory (AD) strategy.

As part of this new strategy, the organization wanted to audit their aging Microsoft Active Directory architecture and deployment to confirm it followed cybersecurity best practices and to identify considerations for moving to the cloud.

The company had a dedicated team of experts managing their AD, but had never had a third party validate their implementation or provide consultation on processes and standards.

Leery of working with a third party, the organization wanted a trusted and unbiased vendor to perform the assessment. They came to WWT.

Solution

The assessment examined more than a dozen domains, hundreds of domain controllers and millions of accounts.

Key objectives of the assessment included:

  • Examining AD management tools. Many AD tools in use were no longer proving effective. They couldn’t keep up with the AD technology, and staff was overwhelmed with tool upkeep.
  • Addressing staffing resources. Because the organization had a lack of dedicated resources, which is not uncommon in the industry, they wanted to use this assessment as an opportunity to implement processes that would streamline workflows and justify additional cybersecurity staffing.

To meet these objectives, we used an automated, script-driven data collection process developed by our end-user computing team that produced pages of valuable, documented detail. Then, to supplement this data and put it into context, we interviewed members of the organization’s access management engineering team.

Conclusion

We completed the lengthy assessment in less than 60 days and presented the organization with results that uncovered many risks and vulnerabilities requiring immediate remediation.

Our final report identified strengths and weaknesses related to key objectives, reviewed areas of noncompliance and provided prescriptive recommendations with a roadmap for improvement over the next three months, three quarters and three years.

Our key recommendations included:

  • Upgrade current processes and standards to mitigate risk. Domains and systems were not consolidated as planned; documentation was not completed or updated as systems changed, which led to decreased support; and there was disparity between migrated environments and legacy operating systems. To combat this, we recommended the organization move away from their ad hoc processes and develop a more risk-centric management approach that enables repeatable, predictable results across the entire AD environment.
  • Evaluate new tools. With many of their management tools proving ineffective, we suggested looking at OEMs like Tanium to help with endpoint security and systems management, in addition to updating legacy Windows and Linux servers to better support their large enterprise.
  • Increase staffing resources. We found that the department was over 50 percent understaffed based on the current projects they were running and implementations we were suggesting.

Based on our assessment, the organization is engaging us as a trusted advisor for consulting services support to get their AD processes back on track. The organization is also considering using our labs for OEM product testing to help with AD management in the future. Finally, we will be evaluating the organization’s governance, risk and compliance processes and procedures.